IsInRole doesn't works correctly

alexb · alexb

In my ASP.NET Application i check whether user that opens application is a
member of my created Windows Group(Managers).

if (Context.User.IsInRol(@"MyCompName\Managers"))
{
TextBox1.Text="OK";
}

If i use Integrated Windows Authentication in IIS all OK but with Basic
Authentication i have a problem.
What is a problem:
When i first time open my application, the Basic Authentication Form is
appear.
I enter login and password of user that in my "Managers" local windows group
and IsInRol works correctly.

I close Internet Explorer. Remove this user from my "Managers" group and try
again to open my application in hope
to get IsInRol=False, but i get True.

Only after restart IIS I get correctly result.

Why it's works so and how can i resolve this problem because i need use
Basic Authentication

Thanks.

Alek Davis · Alek Davis

Alex,

There seems to be a problem (and possibly not one) with IsInRole
functionality.Check this thread:
[url]http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=O1wmwtE7CHA.2156%40TK2MSFTNGP12.phx.gbl& rnum=1&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3DO1wmwtE7CHA.2156%2540TK2MSFTNGP12.phx.g bl%26rnum%3D1[/url]
(or [url]http://tinyurl.com/2e2lm[/url]). I am not sure if I understand this correctly,
but it seems to me that Basic Authentication is prone to caching problems.
For example, if you call a Web Service programmatically passing valid basic
credentials (which will establish a connection), the close the connection,
and try the exactly same operation using wrong credentials, the operation
will not fail (it will fail after a 30-minute - or so - timeout, though).
See if Keith Brown's approach helps you (please post the solution if you
find one).

Alek

"alexb" <alexb@ness-isi.com> wrote in message
news:eqKbMipNEHA.3988@TK2MSFTNGP09.phx.gbl...

> In my ASP.NET Application i check whether user that opens application is a
> member of my created Windows Group(Managers).
>
> if (Context.User.IsInRol(@"MyCompName\Managers"))
> {
> TextBox1.Text="OK";
> }
>
> If i use Integrated Windows Authentication in IIS all OK but with Basic
> Authentication i have a problem.
> What is a problem:
> When i first time open my application, the Basic Authentication Form is
> appear.
> I enter login and password of user that in my "Managers" local windows

group

> and IsInRol works correctly.
>
> I close Internet Explorer. Remove this user from my "Managers" group and

try

> again to open my application in hope
> to get IsInRol=False, but i get True.
>
> Only after restart IIS I get correctly result.
>
> Why it's works so and how can i resolve this problem because i need use
> Basic Authentication
>
> Thanks.
>
>

alexb · alexb

You understand me correctly.

If i remove user from windows group after first logon to my site, IsInRole
works not correctly because Basic Authentication is prone to caching user
token data.

"Alek Davis" <alek_xDOTx_davis_xATx_intel_xDOTx_com> wrote in message
news:eUf1umeOEHA.1340@TK2MSFTNGP12.phx.gbl...

> Alex,
>
> There seems to be a problem (and possibly not one) with IsInRole
> functionality.Check this thread:
>

[url]http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=O1wmwtE7CHA.2156%40TK2MSFTNGP12.phx.gbl& rnum=1&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3DO1wmwtE7CHA.2156%2540TK2MSFTNGP12.phx.g bl%26rnum%3D1[/url]

> (or [url]http://tinyurl.com/2e2lm[/url]). I am not sure if I understand this

correctly,

> but it seems to me that Basic Authentication is prone to caching problems.
> For example, if you call a Web Service programmatically passing valid

basic

> credentials (which will establish a connection), the close the connection,
> and try the exactly same operation using wrong credentials, the operation
> will not fail (it will fail after a 30-minute - or so - timeout, though).
> See if Keith Brown's approach helps you (please post the solution if you
> find one).
>
> Alek
>
> "alexb" <alexb@ness-isi.com> wrote in message
> news:eqKbMipNEHA.3988@TK2MSFTNGP09.phx.gbl...

> > In my ASP.NET Application i check whether user that opens application is

a

> > member of my created Windows Group(Managers).
> >
> > if (Context.User.IsInRol(@"MyCompName\Managers"))
> > {
> > TextBox1.Text="OK";
> > }
> >
> > If i use Integrated Windows Authentication in IIS all OK but with Basic
> > Authentication i have a problem.
> > What is a problem:
> > When i first time open my application, the Basic Authentication Form is
> > appear.
> > I enter login and password of user that in my "Managers" local windows

> group

> > and IsInRol works correctly.
> >
> > I close Internet Explorer. Remove this user from my "Managers" group and

> try

> > again to open my application in hope
> > to get IsInRol=False, but i get True.
> >
> > Only after restart IIS I get correctly result.
> >
> > Why it's works so and how can i resolve this problem because i need use
> > Basic Authentication
> >
> > Thanks.
> >
> >

>
>

IsInRole doesn't works correctly

Thread Tools

Display

IsInRole doesn't works correctly

Similar Questions and Discussions

Progressbar works, loaded movie fails to run correctly.

isInrole

Problems with IsInRole

isInRole doesn't work for one user, but works for everyone else

Help with IsInRole

Re: IsInRole doesn't works correctly

Re: IsInRole doesn't works correctly

Posting Permissions